<?php
session_start();
include "download.php";
include "connectsql.php";

if (isset($_SESSION["user"]) && $_SESSION["user"] == true) {
	$username = $_SESSION["username"];
	$manager = $_SESSION["managername"];
	
	$sql = "select * from ".SetDB_USER_TAB($manager)." where `username` = '".$username."'";
	if ($query = mysqli_query($link, $sql)) {
		$num_rows = mysqli_num_rows($query);
		mysqli_free_result($query);
		if ($num_rows == 0) {
			die ("error");
		}
	}
} else {
	if (isset($_REQUEST["name"])) {
		$username = $_REQUEST["name"];
		if ($username == "") {
			die ("error");			
		}
	} else {
		die ("error");
	}	
	
	if (isset($_REQUEST["managerid"])) {
		$managerid = $_REQUEST["managerid"];
		if ($managerid == "") {
			die ("error");			
		}
	} else {
		die ("error");
	}
	
	$sql = "select * from ".DB_MANAGER_TAB." where `id` = '".$managerid."'";
	if ($query = mysqli_query($link, $sql)) {
		$num_rows = mysqli_num_rows($query);
		if ($num_rows == 0) {
			die ("error");
		}
		$row = mysqli_fetch_assoc($query);
		$manager = $row["managername"];
		mysqli_free_result($query);
	
	 	$_SESSION["user"] = true;
	 	$_SESSION["username"] = $username;
	 	$_SESSION["managername"] = $manager;
	}
}

if (isset($_REQUEST["file"])) {
	$file = "./".$_REQUEST["file"];
//	$file = iconv("UTF-8", "gb2312", $file);
} else {
	die ("error");
}

if (isset($_SESSION["maxdownloadnum"])) {
	$maxdownloadnum = $_SESSION["maxdownloadnum"];
} else {
	$sql = "select * from limit_table";
	if ($query = mysqli_query($link, $sql)) {
		$num_rows = mysqli_num_rows($query);
		if ($num_rows == 1) {//not have
			$row = mysqli_fetch_assoc($query);
			$maxdownloadnum = $row["maxdownload"];
          	if ($maxdownloadnum == 0)
            	$maxdownloadnum = 100000;  
			mysqli_free_result($query);
		} else {
			$maxdownloadnum = 20;
		}
	} else {
		$maxdownloadnum = 20;
	}
	$_SESSION["maxdownloadnum"] = $maxdownloadnum;
}

if (isset($_REQUEST["start"])) {
	$start = $_REQUEST["start"];
} else {
	$start = 0;
}

if (isset($_REQUEST["free"]) && isset($_REQUEST["all"])) {
	$free = $_REQUEST["free"];
	$all = $_REQUEST["all"];
	
	$sql = "update ".SetDB_USER_TAB($manager)." set `free` = '".$free."', `all` = '".$all."' where `username` = '".$username."'";
	mysqli_query($link, $sql) or die("error");
}

$now = time() - 180;
$sql = "delete from ".DB_DOWNLOAD_TAB." where `onlinetime` <= '".$now."'";
mysqli_query($link, $sql);
		
$sql = "select * from ".DB_DOWNLOAD_TAB." where `manager` = '".$manager."' and`machine` = '".$username."'";
if ($query = mysqli_query($link, $sql)) {
	$num_rows = mysqli_num_rows($query);
	if ($num_rows == 0) {//not have
		$sql = "select * from ".DB_DOWNLOAD_TAB;
		$nowquery = mysqli_query($link, $sql) or die ("error");
		$num_rows = mysqli_num_rows($nowquery);
		mysqli_free_result($nowquery);		
		if ($num_rows >= $maxdownloadnum) {
			die ("waiti");
		} else {
			$sql = "insert into ".DB_DOWNLOAD_TAB." (`manager`,`machine`,`onlinetime`) values ('".$manager."','".$username."','".time()."')";
			mysqli_query($link, $sql) or die(ECHO_MYSQL_ERROR_QUERY_TABLE_TO_CHANGE);
		}
	} else {
		mysqli_free_result($query);
	}
}

$name = '';  
$obj = new FileDownload(); 
$flag = $obj->download($file, $name, $start);
 
mysqli_close($link); 

if ($flag == 1) {  
	die ("nuded");
} else if ($flag == 2) {  
	die ("sames");
} else if ($flag == 3) {  
	die ("exist");
} else {
	die ("whata");
}
?>